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RESPONSE TO AMENDMENT 

1. This communication is responsive to the amendment received on October 2, 
2007. 

Claims 35, 39, 44-45, and 68 have been amended. 
Claims 43 and 51 have been cancelled. 
Claims 75-82 have been newly introduced. 
Claims 35-42, 44-50, 52-82 are pending.. 

The Previous Rejection Maintained 

2. The rejection is respectfully maintained as set forth in the last Office Action 
mailed on July 2, 2007. Applicants' arguments with respect to claims 35-42, 44-50, 52- 
82 have been fully considered but they are not persuasive and the old rejection is 
maintained. 

Claim Rejections - 35 USC $102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by 
another filed in the United States before the invention thereof by the applicant for patent, 
or on an international application by another who has fulfilled the requirements of 
paragraphs (1), (2), and (4) of section 371(c) of this title before the invention thereof by 
the applicant for patent. 

4. Claims 35-42, 44-50, 52-82, are rejected under 35 U.S.C. 102(e) as being 
anticipated by Albert et al., (referred to hereinafter as Albert) U.S. Patent application 
publication No. 20030056096A1 . 
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5. As to claim 35, Albert teaches an authentication system, comprising: 
an access controller operable to communicate with a client via a first 

communication medium (refer to paragraph 0059); and 

an authentication server operable to communicate with said client and said 
access controller via a second communication medium and further operable to deliver a 
first key to said client and a second key to said access controller, said second key being 
complementary to said first key such that when said client and said access controller 
are connected, communications therebetween can be encrypted using said keys; and 
wherein said access controller is operable to selectively pass instructions received from 
said client to a computer attached to said access controller if a verification protocol 
utilizing said keys is met (refer to paragraphs 0060-0061); 

wherein said first key is delivered to said client only if a user operating said client 
authenticates said user's identity with said server (The examiner would like to point out 
that this limitation is an inherent feature of Certification Authorities (CA's) used in Public 
Key Infrastructure to ensure the integrity of the network). A CA issues digital certificates 
which contain a public key and the identity of the owner. The CA also attests that the 
public key contained in the certificate belongs to the person, organization, server or 
other entity noted in the certificate (refer to the NPL documents submitted) 

6. As to claim 36, Albert teaches the authentication system according to claim 35, . 
wherein said authentication server is operable to generate said first key and said 
second key (refer to paragraphs 0060-0061). 
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7. As to claim 37, Albert teaches the authentication system according to claim 35, 
wherein said first key is a public encryption key and said second key is a private 
encryption key complementary to said public encryption key (refer to paragraphs 0060- 
0061). 

8. As to claim 38, Albert teaches the authentication system according to claim 35, 
wherein each of said first communication medium and said second communication 
medium is selected from the group of networks consisting of the Internet, the PSTN, a 
local area network, and a wireless network (refer to paragraph 0059). 

9. As to claim 39, Albert teaches the authentication system according to claim 35 
wherein said computer is a telecommunications switch (refer to paragraph 0059). 

10. As to claim 40, Albert teaches the authentication system according to claim 35, 
wherein said verification protocol includes a generation of a random number by said 
client, an encryption of said random number by said client using said first key, a delivery 
of said random number and said encrypted random number from said client to said 
access controller, a decryption of said encrypted random number using said second key 
by said access controller, a comparison of said random number and said decrypted 
number, and a decision to pass at least a portion of said instructions if said comparison 
finds a match of said random number with said decrypted number, and a decision not to 
pass said at least a portion of said instructions if no match is found (refer to paragraphs 
0060-0061). 

11. As to claim 41 , Albert teaches the authentication system according to claim 35, 
wherein said instructions are encrypted by said client using said first key and said 



Application/Control Number: Page 5 

10/673,509 

Art Unit: 2155 

verification protocol is based on a successful decryption of said instructions by said 
access controller using said second key(refer to paragraphs 0060-0062). 

12. As to claim 42, Albert teaches the authentication system according to claim 35, 
wherein said first key is delivered to said client only after said second key has been 
successfully delivered to said access controller (refer to paragraph 0059). 

1 3. As to claim 44, Albert teaches the authentication system according to claim 35 
wherein said access controller contains a preset second key and said authentication 
server maintains a record of said preset second key; said authentication server 
operable to deliver said first key and said second key only if said access controller 
successfully transmits said preset second key to said authentication server and said 
transmitted preset second key matches said authentication server's record thereof (refer 
to paragraphs 0060-0062). 

14. Claims 45-82 do not teach or define any new limitations beyond the claims 
above, therefore, they are rejected for similar reasons. 

15. Examiner Note: Examiner has cited particular columns and line numbers in the 
references as applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings of the art and are 
applied to the specific limitations within the individual claim, other passages and figures 
may apply as well. It is respectfully requested from the applicant in preparing 
responses, to fully consider the references in its entirety as potentially teaching of all or 
part of the claimed invention, as well as the. context of the passage as taught by the 
prior art or disclosed by the examiner. 
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Response to Arguments 

16. Applicants' arguments with respect to claims 35-42, 44-50, 52-82 have been fully 
considered but they are not persuasive. 

Applicant argues in substance that Albert does not teach or suggest that in order for a 
first key (for utilization by a client in a verification protocol) to be distributed to the client 
by an authentication server, the user of the client needs to authenticate his or her 
identity with that server. 

As stated above with regards to claim 35, the examiner would like to point out 
that this limitation is an inherent feature of Certification Authorities (CA's) used in Public 
Key Infrastructure to ensure the integrity of the network. A CA issues digital certificates 
which contain a public key and the identity of the owner. The CA also attests that the 
public key contained in the certificate belongs to the person, organization, server or 
other entity noted in the certificate (refer to the NPL documents submitted). 

Applicant's amendment necessitated the new grourid(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
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extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Contact Information 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shawki S Ismail whose telephone number is 571-272- 
3985. The examiner can normally be reached on M-F 8:30 - 5:00. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Saleh Najjar can be reached at 571-272-4006. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




